Ubuntu Security :: Basics Of Good Security Of Small Commercial Website?
Jan 17, 2011
1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
Jun 19, 2010
I want to protect a Samba server running on Red Hat 8.0 (2.4.18-14 kernel, i686 architecture).
Can anyone refer me to 3 good commercial antivirus products that support Red Hat 8.0?
Aug 13, 2010
I am new to the Ubuntu/Linux world (less than a week).
I have tried the search, but have had difficulty finding threads on this.
Can someone recommend an excellent firewall to use with Ubuntu?
Mar 31, 2011
I was wondering if any free, small, portable, cross-platform programme exists for encrypting/decrypting simple txt files?
I know a couple of small ones for Windows systems (nosee, dscrypt) but I wonder if there is any I could use on both Linux and Windows OS. The idea is to be able to carry it on a USB key, and the programme (or probably there will have to be 2 versions of it) would run on either Windows or Linux OS, and I could decrypt and encrypt the file if I needed to, no matter what system I plug the USB key into.
Feb 11, 2010
I have enabled SSH key-based logins for one of my servers and disabled normal password-based logins. It just occurred to me that the public key which I generated on my PC, and uploaded to the server's authorized_keys, may in fact only apply to my local PC / user account. So basically if my system crashes I would have no way to log in to the server...? Is it not possible to "share" public keys so other people (PCs / accounts) can use them?
Oct 18, 2010
I am new and I am worried about my data. So I want Internet security software for Ubuntu.
May 25, 2011
I want to set up a website that hosts very confidential business information. The info needs to be accessed by multiple people in different geographical regions. The entire website would require the high security (ie: there are no little sections that are publicly viewable). While the site will be run with Ubuntu server, I will be hosting it in Amazon's EC2 cloud.
So, if I use the HTTPS protocol with an SSL certificate, am I pretty well reaching the most secure possible situation? Are there any concerns with using the EC2 solution? Obviously there are a LOT of variables involved with maintaining website security, but I want to know if HTTPS is the current best bet (in addition to all the "best practices" of securing a site) or if there is a more robust way of securing content.
Jun 10, 2010
What is a good IP filter/firewall program? Seeing as how I like free software, I download a lot of torrents. When I was using Windows, I used PeerBlock (the newer fork of PeerGuardian); however, it's not available for Linux. What would be a good alternative for this in Linux? I tried iplist as it has a GUI, and it was extremely buggy and blocked random web pages even after I put them on the exceptions list. And MoBlock has no GUI from what I understand, nor has it been updated in years.
Oct 2, 2010
I'm looking for a good hardware firewall that will run on an older PC (i.e. 512 MB RAM and 1 GHz CPU). FOSS is preferable, but not required. I've tried Astaro, but it refuses to load after a restart. I'm hoping for AV, as I support Windoze clients, and a VPN. Past that, I can deal with anything.
Apr 14, 2011
I recently came upon an Ubuntu variant called blackbuntu. It's in early release stages at this point, but it's being marketed as a pen test distro. Exactly like Back Track, but in Ubuntu form. Was just wondering if anyone has had a chance to use this yet? All software that the distro uses is readily available in the Ubuntu repositories already.
Nov 1, 2010
On my Linux server I have many websites. Before, I used this command
netstat -anpl|grep :80|awk {'print $5'}|cut -d":" -f1|sort|uniq -c|sort -n
to see all the IPs with many connections, but the problem is it shows me all the IPs from all the websites on the server. Is there another way to show me the IPs just from my website?
Oct 8, 2010
A friend of mine has a private forum set up so he and I can communicate back and forth so we don't have to send emails. The link is a "https://" so I'm assuming it's secure. I'm a newbie to Ubuntu and I have already switched 3 of my computers at home to Ubuntu.
I'm using Ubuntu 10.04 and google chrome as my browser. When I log into his forum it pops up with a screen saying "The site's security certificate is not trusted" and I always click proceed anyways. I'm not worried about this because I'm 110% sure that it's his website that I'm trying to access. My question/problem is it also pops up with a little box telling me to enter my Username and Password every time. When I was using WindowsXP, I had to enter this info once and then I wouldn't have to enter it again.
Feb 27, 2011
For example, would a website log the MAC address of my Ethernet adapter and my computer name?
Jul 17, 2011
I don't care for domain 'authentication' by an "Authority". I don't trust no one, so CA's to me are as trustworthy as the gypsy in the park.
I can use a self-signed certificate, but the problem is most browser makers are Fn idiots that say the connection is not secure, when it actually is, but because I did not fork out cash, it makes my website look bad.
I can understand the need for a 3rd party to verify the domain host to prevent man in the middle attacks, but I do not care for this... and browser makers should take more responsibility and introduce different padlocks for types of authentication, rather than saying "this connection is encrypted, but not secure because it's self-signed". What a load of horse s***!
How many times do people stop to read certificate authorities? I sure don't. I only care whether or not the connection has been encrypted... so, I am looking for a way of simply providing encryption for my website.
From what I understand, when you submit a CSR to a CA, it includes the private key, meaning that the CA would be able to see the encrypted data, should they get hold of it. This is not acceptable for me.
Is there any other way to use encryption other than the SSL model that is used typically amongst HTTPS browsers today?
Oct 11, 2010
rc.scripts, cron jobs, what else? Can hidden files be executed simply by going to a directory that has that hidden file inside it?
Mar 19, 2011
I went to visit a website that I frequent and Firefox threw an error that basically said that the internet connection might be being tampered with and that the website was not authenticated. Meaning someone might be trying to load a fake website into my browser and impersonate the website to give me viruses or something. It's a website I frequent. Also the website doesn't have the www. in the URL. [URL]..
Apr 23, 2011
I had a hack on my osCommerce website recently. I have put in the relevant security patches but I need to check whether the hacker left any code changes in my files. What is a good file comparison software for Linux? I need it to scan through the current files and folders and compare them to the original default osCommerce installation so I can check the code.
Mar 24, 2011
I am using RHEL 5. I configured a proxy server. Now I want to block one website.
May 6, 2010
So I forgot how to do something in Compiz and I quickly Googled it to find the answer. On the first or second link I clicked, a pop-up box opened from Firefox saying that I should scan my computer. Immediately, I pressed the X button, but a page started to load that tried to "scan" my computer. I closed out Firefox and re-opened it. I did the exact same search again on Google, but I clicked on the cached view of the site. It was harmless enough--a blog with some ads on the side of the page. I'm assuming that it was one of the ads that somehow must have taken over the page.
Anyway, I know that the discussion of anti-virus programs is not anything new, but I would like to know if this virus may have affected Ubuntu. What would you guys recommend in this case? Also, after running the update manager, I received a pop-up box asking if I would like to update Grub. Is this a normal part of the update, or could it be a virus? I'm a bit paranoid, being from the land of Windows.
Nov 4, 2010
I'd like to know if this is a common security flaw or normal: to open up FTP to the public, which is of course protected with a password, for 3rd party access to maintain our public-facing / production website?
If yes, what sort of FTP application to install in Ubuntu?
Jan 11, 2010
I am currently taking my CCNA course. I have come to realize that to be a great admin and secure a company's data, you first have to know its weakness. Now I have become aware of a few programs like John the Ripper, telnet password crack, nmap, and the like. Well, I have used nmap to port scan my own website for practice. I received some good intel on what ports are open and vulnerable. I am now trying to figure out how to hack in. To get my website info I used:
[Code]...
Oct 17, 2010
Does anyone know good commercial or non-commercial antivirus software that runs on Ubuntu 10.04 and that works with the Samba v-scan module? I was thinking about Avast, but I'm not sure it works with Samba v-scan. Also I'm not sure it is possible to install the Avast server edition for Linux on Ubuntu 10.04.
Oct 7, 2010
I have a server with a couple of sites on it. Some of them have a webform where people can send them emails that they are interested in their work etc., though the "To:" and "From:" address can't be changed by the end user; you can only enter text and press send. However, it seems that someone (not on the server) has found a hole/exploit to use those webforms to send mails to whoever he wants. I have the webserver set up with ssmtp (simple smtp) and it just forwards the mail sent from the server to my mail server, and from there it sends it out on the internet. If I check my log on the mail server I can see the whole SMTP session, where it's coming from and where it's going etc. I see that it comes from my webserver and over there I only have these log entries:
Oct 6 22:04:47 ettan2 sSMTP[1771]: Sent mail for itaumail@itau.com.br (221 2.0.0 Bye) uid=204 username=torget outbytes=3290
There are loads of those log entries, mostly after office hours between 17:00 and 7:00. I have scanned through all the Apache logs and can't find anything that points to the e-mail addresses used or something like that. The reason I found this out was because he tries to send to a host that doesn't allow connections on port 25, so all the mails got stuck in the queue, over 1000 atm. I'm using Apache 2.2 and Postfix 2.6 on a Debian Lenny install. What can I do to find out how he's doing this and close the "exploit"? How would you recommend to set up the mail() thing in PHP for most security?
Apr 4, 2011
Basically, whenever I am on an unencrypted wireless hotspot, I open up an SSH tunnel to my home server to do all my browsing for the privacy and security it provides. But I got to thinking, and now I am curious: if I am visiting a site like Gmail, for instance, that always uses SSL/TLS for its connections, is there any added benefit to also using an encrypted tunnel? Or is it perhaps superfluous to use both?
May 19, 2011
I get an Untrusted Connection error when I visit this site to login into my GRE account, and I cannot add it as an exception, in Mozilla Firefox 4.0 on Ubuntu 11.04. When I visit the site using Chrome, I have no issues. Is this a bug in Firefox's certificate management? I'm using Ubuntu 11.04. I do not get this error in Windows' Firefox 4.0.
Nov 4, 2010
I'd like to know if this is a common security flaw or normal: to open up FTP to the public, which is of course protected with a password, for 3rd party access to maintain our public-facing / production website? If yes, what sort of FTP application to install in your Linux webserver?
Aug 19, 2010
After searching I cannot find what I am looking for. My wife has commissioned me to put together a cheap website to highlight her crochet projects. I had used OSX's web site server in the past. where the folder for web sites are in Ubuntu. This would get very low traffic and would be fine on a desktop computer. I see no reason to install Ubuntu server.
Feb 18, 2011
First of all, let me just state that I want to make a small server for my home, which includes hosting a website and a small FTP server.
Now as far as ease, stability, use, etc., just overall, which would be more ideal to use for this?
My top choices are FreeBSD and Ubuntu Server.
However, I do not know which of these to go with, since this is my first time setting up a server. I hear BSD is really best for web servers, but I would like to hear what the people at LQ have to say.
I know Ubuntu Server would probably be easier to set up, but how is it in terms of stability and speed?
Dec 15, 2010
I used Avast webfilter (proxied web traffic through Avast) when running Windows. Sometimes Avast would alert and "protect" me from being infected by a compromised website. NOTE: Avast would alert even absent clicking any links. Just viewing the page could result in infection. Should I be running some kind of proxy webfilter for protection? My understanding is that Firefox can be compromised and this can in turn compromise Ubuntu. Are these kinds of threats specific to Windows running Firefox, or Firefox per se? If Firefox per se, it seems like I need some sort of proxy webfiltering like Avast provides.
Jan 26, 2010
I'm new to Linux. I use Solaris all the time. In Solaris, I can go to "sunfreeeware.com" to download most of the third party software. But for Red Hat Linux, what's a good website to download "rpm"?